Techcure, est. 2010, offers cost-effective, leading-edge solutions for NA SMEs. We prioritize integrity, excellence in economic and tech consulting. Explore our digital journey.



411 University St, Seattle, USA


We all know the importance of starting right.

If you understand the basics, right from the beginning of the process, the rest of the exercise becomes as smooth as silk.

So, make sure you make a perfect start by following these steps systematically to get the best end results.

Select Web Hosting:

Choose a suitable web host depending on your requirements.

Download Latest WordPress Version:

Download WordPress from the official website

Use FTP Client:

Download FileZilla the best FTP client.

Online or Localhost?

Select an appropriate development environment and then install WordPress. You can choose either of these two options; Local service like XAMPP, or Host site on a test URL.


So, where do you actually start?

That’s the first question that’s probably popped in your head. This checklist is the answer to that very question.

Regardless of whether you are a beginner or a WordPress expert, this particular checklist will benefit anyone who is in the process of developing a new WordPress website.

Choose the Right Directory:

Select a directory and install it under public_html. Do not use ‘root’ or ‘WordPress’.

Change Table Prefix:

User andomletters/numberstable names instead of the default wp_table names. Checkout Change Table Prefix Plugin.

Hide your Test Website from Search Engines:

Make sure you hide your website from the search engines by checking the option under Settings > Reading “Discourage search engines from indexing this site”.

Use Unique Login/Password:

Refrain from using admin/admin as admin login/ password. Alternatively, you can follow these examples:

Additional Steps:

Once the installation is complete, here are some of the additional things you will need to do.

					// To redirect from non www to www add this code to .htaccess in root.

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\.

RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

// To redirect from www to non www add this code to .htaccess in root.

RewriteEngine On

RewriteCond %{HTTP_HOST} ^www\. (.+) [NC]

RewriteRule ^(.*) http://%1/$1 [R=301,NE,L]

Set Default Date & Time:

Don’t forget to update the Time Zone. Date/Time under Settings > General.

Update Blog Title:

Very important to update the blog title and tag line appropriately under Settings > General.

Change Media Settings:

Under Settings > Media, uncheck the “Organize my uploads into month and year-based folders” option if you would like to save all the images under ‘uploads’ folder. Be aware that large sites with 1000’s of images will make this folder very heavy.

Change Blog Category:

Similarly, under Posts > Categories, rename the ‘uncategorized’ to set up a default category for Posts.

Password Protect Demo Site:

Increase the security for your demo website by installing the Password Protected plugin.

Delete Sample Config File:

Finally, don’t forget to remove the sample config file, WP-config-sample.php in your root under public_html.

Additional Steps:

					Define (‘WP_DEBUG’, true);


Now comes the most important checklist.

There are a million settings and changes you need to make during the development process, in order to build a website that meets all your requirements.

That’s why, we have included even the minutest of steps that are important during development so that you never miss out on anything crucial to your website.

Remove Default Content:

Here, the first thing you need to do is remove the WordPress default content like posts, comments and more.

Create a Sitemap:

Next, create a logical sitemap in Notepad, Word or Excel and add pages like About us, Contact us. etc., according to this sitemap.

Use Dash for URLS:

Make sure you use “-” in your URL’s instead of “_”.

Add Blog Categories:

Under Posts > Categories, add appropriate blog categories.

Add Tags & Media:

Once you’ve added the blog categories, include suitable posts, tags and media files.

Use ALT Tags:

Don’t forget to add alt tags to all the website Images. You may also use the Search Friendly Images Plugin.

Add Newsletter Subscription:

Include the Email Opt-ln Form for newsletter subscription. You may use Newsletter Plugin. We use Mail Chimp List Subscribe Form Plugin.

Add Social Icons:

Also include feed posts for:

Create Social Profiles

Style Sticky Post:

Style the sticky posts well and make sure they function well. More info at

Check for Content Overflow:

Make sure there are no posts with pictures that break the content layout or are too big for the content column. In that case, make Overflow: Hidden in your CSS.

Highlight Author’s Comments:

Ensure that the author comment is highlighted differently. Checkout How to Highlight Author’s Comments by WPBeginner.

Use Gravatars:

Check that the User Avatars or Gravatars are displayed properly.

Add Comment Closed Message:

The comments display form is replaced with a “Comments Off” message or something similar.

Create 404 Page:

Another important thing is to ensure that the 404 page is created and customized. Check to create a Custom 404 page in WordPress.

Test Search Page:

Please check if the search page is accessible to users.

Use & Test Pagination:

Test the pagination using WP-PageNavi plugin.

Add Favicon:

Add custom Favicon to your site.

Use Breadcrumb

Don’t forget to use Breadcrumbs for easy navigation. Is a part of WordPress SEO by Yoast Plugin.

Add Comment Closed Message:

The comments display form is replaced with a “Comments Off” message or something similar.

Create 404 Page:

Another important thing is to ensure that the 404 page is created and customized. Check to create a Custom 404 page in WordPress.

Link Logo:

Link the company logo to the Homepage.

Remove Lorem Ipsum

Lastly, make sure you remove all the Lorem Ipsum text on your website.


Congratulations! You re finally done with the tricky development process!

Now, you must be ready to launch it successfully, without any glitches.

Mind you, there are lots of steps to follow before you actually launch your website. So, we have put in every little thing you need to have in place, before you go live.

Just follow them all and have a hassle-free launch!

Make Backups:

Once you launch your website it is important to make regular back-ups. You can use these plugins for creating backups Backup WordPress (free) | BackupBuddy (Paid).

Check Content Structure:

Check the structure and content for everything including pages, categories, URL’S, submission forms, etc.

Update Admin Email:

Also, under Settings > General, check social links, contact info and admin email.

Implement Security:

Make sure you have all the security in place, like password strength. files and folder permissions, etc. using the iThemes Security Plugin.

Ensure CBC:

Check if your website is cross browser compatible by extensive testing. Free Trial with Cross Browser Testing.

Enable Site to be crawled:

Uncheck the option under Settings > Reading of “Discourage search engines from indexing this site” and make website visible to search engines.

Disable Coming Soon Page:

Disable the Coming Soon page.

Test for Responsiveness:

Ensure that your website is mobile friendly. Run Google’s Mobile Friendly Test to determine the same.

Check Loading Speed:

You must also improve the page loading speed with the help of Google’s Page Speed Insights.

Compress Images:

If you are using free stock images, then make sure to reduce all the image sizes by almost 50% by compressing the PNG and JPG files using WP Smush it or Short Pixel plugin.

Use Latest WP Version:

Make sure you are using the latest version of WordPress. If not, ensure that you upgrade when you go live.

Upgrade Plugins:

It is also important to upgrade all the plugins on your website before going live.

Open URL in New Tab:

Check if all your external links are working by opening them in new tabs. Use code similar to this for links:

					<a href =”#” target=”_blank”>

Check Broken Links:

It is imperative that you check for broken links on your website before going live using Broken Link Checker Plugin.

White Label (Optional):

If you are developing the WordPress website for a client, implement branded WordPress login page using White Label CMS Plugin.

Disable Coming Soon Page:

Launch the plugin SeedProd and disable the Coming Soon page.

Go Live:

Once all these things are in place, you are finally ready to go live.


Now let me tell you, security is a very important aspect of website development.

Hence, before you present your WordPress website to the world, it is imperative that you have tight web security in place.

Through this checklist, you will get to learn which plugins and additional settings are required to safeguard your precious website from malicious threats.

Prevent Directory Access:

Prevent access to ail directories, place this code inside your .htaccess file. # Prevent folder browsing. Options All -Indexes.

Monitor Site Performance:

Get regular reports of your website’s performance with the help of the P3 Plugin Performance Profiler Plugin

Delete Install & Upgrade Files:

Be sure to delete /wp-admn/install.php and /wp-admin/upgrade.php after every WordPress installation or upgrade.

Limit Suspicious Login Attempts:

Limit the number of login attempts possible both through normal login as well as using auth cookies by using Login LockDown Plugins.

Use iThemes Security:

We strongly recommend that you use the most comprehensive security plugin, iThemes Security plugin, because it’s free and takes care of almost all the security issues on the website.

Disable Theme and plugin Editor:

If you warn to stop the editor links from appearing in the admin area you can add the following to your wp-config.php file so people cannot edit the theme directly in the admin area.

					Define ( ‘DISALLOW_FILE_EDIT’
, true);

Hide your WordPress Version:

It is important that you hide your current Word I Press Version from the hackers. Add the following code to your

					<files wp-config.php>

order allow,deny

deny from all


Protect your wp-con fig file:

As wp-config.php file contains all the confidential details of your site, so it’s pretty important that you protect it at all costs. An easy way to protect this file is to simply place the following code in your .htaccess file on your server.

					<files wp-config.php>

order allow,deny

deny from all


Hide Login Error messages:

Error login messages may expose and give hackers an idea if they’ve gotten username correct/ incorrect, vice versa. It is wise to hide it from unauthorized login. To hide login error messages simply put the following code functions.php

					function wrong_login() {

return ‘Wrong username 
or password.’;



Go Live:

Once all these things are in place, you may either go live at this stage and follow the SEO Checklist after or vice-versa.

× How can I help you?